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Method and device for accessing a telecommunication 
network and for billing telecommvmication services. 

[0001] The invention relates to a method and to a device for accessing a 
telecommimications network and for billing telecommunications services according to the 
generic term of the independent patent claims. 

[0002] The described invention presents novel processes with respect to the classical 
mechanisms of network operators (as a rule mobile radio) for them to make services available 
to their customers and to take payments from the latter for the performance of same. In this 
context, it is primarily a matter of new access mechanisms and of means for the (mobile) 
telecommunication network, for modified security mechanisms, as well as for innovative 
accounting methods. In the interest of simplification the invention is described in the 
following on the basis of mobile radio networks of the GSM standard, but it is also applicable 
to other telecommunication networks, insofar as the limit conditions given in the 
specification are also applicable to these networks. 

[0003] In general it can be said that a mobile radio telephone services operator, by 
means of his telecommunication network, sets up an infrastructure which makes possible the 
utilization of certain services (primarily telephony). These services can be used by any 
subscriber under the fulfillment of certain boundary conditions, in return for payment. The 
network operator decides in each individual case to which subscriber he allows access to his 
telecommunication network (and therewith to his services), and which subscriber he excludes 
from the claiming of the services associated with the access. In the classical case there are 
two set-ups that allow a subscriber an access entitlement to a telecommunication network: 
a) on a subscription basis: 

The subscriber signs a contract with a home operator, which makes possible for the 
subscriber the use of certain services for the running time of the contract. Typical for this set- 
up is that the user pays as a rule a continuous basic amount and, for the claiming of services, 
a quantity-dependent fee. The payment occurs as a rule on a creditor basis per monthly 
accoimt. 
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b) on a prepaid basis: 

The subscriber buys from the Home Operator a certain type and amount of services and pays 
for these in advance. For this he is entitled to the use of the network and of the areas 
particular to the purchased scope agreed upon. The network operator checks the type and 
amount of the services used and, after the subscriber has used up his purchase contingent, 
again withdraws the access entitlement. 

[0004] Especially for the GSM mobile radio networks, there exist two variants for 
the utilization of the telecommunication services: 

a) The subscriber uses exclusively the infrastructure of the Home Operator. The 
payment for this use is made according to one of the above processes. 

b) The subscriber uses at least in part the infrastructure of another network operator 
(Visited Operator). The payment is made to the Home Operator according to the 
above processes. Moreover, without influencing the subscriber, for the accessing of 
the foreign network corresponding compensation payments are made between the 
operators (Roaming Fall: roaming case). 

[0005] The set-ups described make it clear that the control of the network operator 
over the access entitlement of the subscribers represents a central fiinction. Both in the case 
of the exclusive utilization of the home network and also in the roaming case, in the use of 
a foreign network there are defined mechanisms for the GSM which ensure the authenticity 
of the subscriber. 

[0006] The technical medium which makes this possible is the chip card or 
subscriber identity module (SIM) in combination with data in the network, for example data 
which are deposited in the home register (Ht.R) in the authentication center (AC), or in the 
visitor register (VLR). Ultimately the SIM represents the basis that permits the operator 
(Home or Visited) to check the access entitlement of the subscriber. 

[0007] The problem of the invention is to propose a system and a process for access 
to telecommunication networks and for the billing of the telecommunication services that, 
as compared to the classical mechanisms, is simpler and more convenient both for the 
network operator and also for the subscriber. 

[0008] This problem is solved by the characterizing features of the independent 
patent claims. 
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[0009] The classical set-up ensures two fundamental points about the access 
mechanisms described: 

a. The network operator knows who the subscriber is 

b. The network operator knows that he is receiving (or already has received) payment 
for the service claimed. 

[0010] Substantially considered, actually only point b) is decisive. This is likewise 
ensured according to the invention, in which case, however, the classical set-up is abandoned. 
[0011] According to the invention there holds, as in the classic case, the following: 

- the network operator makes available an infrastructure and services; 

- these can be used in retum for payment; 

- the network operator controls the access to this services. 

[0012] In contract to the two classical possibilities-over subscription or over 
payment in advance (Prepaid) in order to obtain access entitlement to the network-according 
to the invention the following is provided: 

[0013] The subscriber must in advance (or subsequently) notify the network operator 
in some manner (or must convince this party) that a payment for the service requested (or to 
be requested) either is being made, or hass already been made, as he: 

a) proves beyond doubt his identity and a dependability associated therewith (for 
example: "I am the federal Chancellor of the Federal Republic of Germany", using 
a digital signature, for example. 

b) pays directly over dependable mechanisms (EC card, electronic exchange) 

c) proves beyond doubt his association with a dependable third party who takes 
responsibility for the payment (a credit card organization, for example). 

[0014] If the subscriber can fulfill one of the above-mentioned requests (a, b), or c), 
then primarily the claim of the network operator to obtaining a payment from the subscriber 
is satisfied. Depending on the process carried out, and on the process environment, even the 
point "Who is the subscriber?" is to be fulfilled, which, to be sure, is not compulsorily 
required. 

[0015] Ever according to variants in character and in form of execution, the demands 
of the network operator in regard to the certainty of payment by the subscriber are surely 
different, also in comparison to the classical set-up. The measure of security lies, to be sure. 
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solely in the judgment or estimation of the network operator. For the clarification of this fact 
there serves the classical set-up in the GSM network, in which the network operator 
decides on the technical security of the SIM; 

decides freely about the authentication algorithm (even the selection of a simple 
"XOE-algorithm" would be allowed): 

he himself determines the individual subscriber key (Ki) (even a constant key for all 
the subscribers would be allowed); 

decides on the security level of the entire key management process (generation, 
transport, storage). 

(0016] According to a preferred form of execution of tiie invention it is provided to 
use a credit card as payment medium. All applications of hitherto which describe tiie use of 
credit cards as payment medium presume that the subscriber in principle has an access 
entitlement to a communication network, which he has already obtained by one of the above 
variants (subscription, Prepaid). The paying per credit card (predominantly of third parties) 
are settled in this way (likewise over the credit card). There is a band width, there, of forms 
of execution possibilities which differ in security and in user-friendliness. Let there be 
mentioned, for example, the following variants: 

- the subscriber gives his credit card number to a search server; 

- he uses the keyboard (DTMF-tones) for the input of his credit card number; 

- he sends an SMS to a special server with his credit card data; 

- with the aid of his MSISDN or IMSI an allocation to his credit card is established (which 
the subscriber has made known in advance to the network operator). 

[0017] What is novel in the process described here is that there is made possible for 
the subscriber the claiming of telecommunication services even without valid (classical) 
access entitlement, as he proves his good faith with respect to the network operator by means 
of a credit card. 

[0018] hi the identification process over the credit card again different variants are 
conceivable: 

a) The subscriber (not registered in the telecommunication network) obtains access only 
to a certain target (possibly by means of any arbitrary call number), under which he 
can identify himself by means of input of his credit card number (as a rule on "per call 
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basis"). This may include certain plausibility and security checks as well, such as, for 
example, pass word protection, the input of additional personal data, on line check 
of the data with the credit card organization, etc. 

b) The subscriber obtains the right to outgoing brief reports and can be registered in a 
same manner as under a). 

c) In the event that the credit card is chip-card based, the subscriber communicates his 
credit card data electronically, therefore directly with his credit card. This can take 
place in various ways: 

- the end apparatus permits an access to a second card reader in which there 
is inserted the subscriber's credit card; 

- the end apparatus accepts the credit card instead of the SIM. Instead of the 
IMSI (as in GSM) the credit card number is sent in full or in part to the 
network, with the registration procedure. The network operator must be in a 
position, there, to distinguish this case from the 

classical registration procedure. 

d) The network operator can himself perform an allocation between the SIM (not 
registered in the classical sense) and a credit card. This requires a previous, 
imrepeated procedvire, in which this allocation is established. 

[0019] In order to make possible a service (as a rule telephony) for subscribers not 
reachable by telephone (in the classical sense) then, dependmg on the character of the set-up 
certain system preconditions are to be created (here for example GSM) which fulfill the 
following requirements: 

- to a not roaming-qualified or non-registered or non-authenticated subscriber an 
access to the telecommunication network is to be granted; 

- the access permits only a restricted functionality (for example only outgoing calls 
(MoC) to a certain target/destination; 

- concerning the access a payment process is established by means of a credit card; 

- a sure identification of the subscriber accomplished over the credit card allows him 
the unrestricted use of the network (for example MoCs); 

- the billing for the service is based on the use of the credit card (for example on the 
credit card accoimt). 


-6- 

[0020] The described process opens up new possibilities both for the subscribers and 
also for the network operator concerning service utilization and mutual business relationship, 
and has a number of advantages. 

[0021] For the subscriber who is in possession of a credit card this process has the 
advantage, without valid (telecommunication) subscriber relation or without valid roaming 
entitlement, nevertheless to obtain the services of a network operator. 

[0022] For the network operator this likewise has a substantial advantage: The 
services that the network operator makes available to the (mobile radio) subscribers require 
no registration. Registration means, for the network operator, the preparing of corresponding 
system resources, which again is very cost-intensive. Thus every personalized SIM, even if 
it is not yet activated-therefore has no MSISDN and services allocated to it--has resources 
in HLR/AC or in the card management system KMS. Since these resources are, on the one 
hand, expensive and are, on the other hand also numerically limited (number ranges for 
MSISDN) certain set-ups are forbidden such as, for example, a large-scale keeping m stock 
of SIMs, or a wide area distributing of cards into the area. 

[0023] Unregistered SIMs have this restriction in large part. Thus it is entirely 
imaginable to distribute so-called "Simple-SIMs" m large number to end customers or points 
of sales, which would open up quite different marketing approaches. By a Simple-SIM in the 
simplest case a chip card is to be understood, which has, as sole functionality, the capacity 
of making possible the registration procedure for an end apparatus, as it makes available an 
IMSI. The IMSI does not have to be registered with the network operator, nor must the 
Simple-SIM be authenticated for-as described above-the network operator 
takes up this stain and with these cards offers the registration per credit card. For example, 
it may be provided that each credit card customer obtains with his monthly bill a Simple-SIM 
sent to him. This Simple-SIM is installed in a cellular telephone and permits the (restricted) 
access to a mobile radio network, as the registration is developed over the credit card. The 
billing for the telecommunication services used occurs likewise over the credit card. Through 
elimination of the necessity to sign a subscription per contract, it is entirely imaginable to 
market the simple SIMs also over newsstands, filling stations, trade chains, etc. Likewise the 
possibility is offered to sign agreements with end apparatus producers, so that the latter will 
already supply their end apparatuses with a simple SIM of a network operator. This lies both 
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in the interest of the network operator as well as in the interest of the end apparatus producers 
and end customers, since the end apparatus is already telephonable without the signing of 
subscription contract. 

[0024] A variant may consist, for example, in already forming the Simple-SIM in 
such manner that it can be transformed into a regular SIM in the event that the subscriber 
decides to enter into a subscription contract with the network operator. This can be 
accomplished by subsequently applying functions to the SIM (over-the-air) or clearing, as 
well as bringing the card data into the corresponding system in the network or clearing. 

[0025] In the following the invention is explained in detail with reference to the 
drawing figures. In the process further features and advantages of the invention are yielded. 
In the drawing: 

Fig. 1 shows Entering into the GSM network by means of error evaluation of the HLR; 
Fig. 2 Identification and call build-up over credit card server (CC-Server); 

Fig. 3 Entry into the GSM network by means of Simple-SIM and Simple-HLR. 

[0026] The following depictions 1 and 2 show a first implementation variant of the 
invention. Fig. 1 shows an example for an entry procedure and the system adaptation 
associated therewith and Fig. 2 describes the identification process of a subscriber by means 
of credit card. 

[0027] According to the invention a service use in the mobile radio network is made 
possible for a subscriber even without a valid SIM. Technical intervention is made there at 
the point where in the classical case the identification and authentication procedures of the 
network operator begin. 

[0028] Let us take as an example the case according to Fig. 1, that an invalid SIM 2 
is used in the end apparatus 1, and therewith it is attempted to obtain access to a (GSM) 
mobile radio network. Invalid SIM means in this context: 

- not registered (IMSI unknown to the Home Operator) 

- not capable of roaming (the IMSI belongs to a Home Operator who has not issued 
any Roaming permit to the subscriber) 

- not authentic (the authentication procedure fails, for example because of false Ki). 
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[0029] In all cases in the classical case the network operator (sends) a corresponding 
error report to the end apparatus 1 and denies access to his infrastructure (an exception if 
made exclusively for the emergency call "112"). 

[0030] The new set-up alters the process of hitherto insofar that the network operator 
does, to be sure, register that the SIM 2 used has no access entitlement in the classical sense, 
but he does not in principle deny the access to the subscriber. On the contrary, the network 
operator offers the subscriber the opportunity to identify himself by means of suitable 
procedures, alternatively, for example, via his credit card. If the identification is successful 
in the meaning of the network operator, then the party offers the subscriber a certain spectrum 
of services. 

[0031] The network operator achieves a certain "payment guarantee" by the security 
of the defined identification mechanism as well as by the usual payment guarantees of credit 
card firms on claiming of service performances to their customers. 

[0032] A person would like to register himself over a mobile radio apparatus 1 in the 
mobile radio network, and telephone over this mobile radio network. The subscriber has a 
subscriber identification module 2 (SIM) which contains an international mobile subscriber 
identification (IMSI), it being assumed that the IMSI is not registered in the mobile radio 
network concerned and that the SIM is not roaming-entitled in the mobile radio network 
concerned. This means that the person normally by means of the SIM 2 cannot register 
himself in the mobile radio network concerned and avail himself of its services. 

[0033] According to the invention, however, this is now possible, as first of all a 
report of the end apparatus 1 occurs at the appropriate base station control 3 (BSC). Since 
the end apparatus 1 or SIM 2 is not hitherto registered, first of all a Location Update 
Procedure is sent over the mobile intermediation point 4 (MSG) and the visitor register 5 
(VLR) to the home register 7 (HLR), at which inter alia the IMSI deposited on the SIM 2 is 
transferred to the HLR 7. The HLR 7 checks whether the IMSI is registered~in this case it 
is not~and sends an error report (ERROR) back to the VLR 5 that the IMSI is not known. 
In the VLR a special module 6 is arranged, the assignment of which is to catch up these 
special error reports, evaluate them, and release correspondingly predetermined actions. 
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[0034] Simultaneously the normally executed authentication and cipher procedures 
are switched off and the Location Update Procedure is concluded, as the accomplished 
simplified residence/say registration is positively confirmed. 

[0035] Fig. 2 shows the call build-up after completed report of the end apparatus 1 
or of the SIM 2 in the mobile radio network. The call wish of the end apparatus 1 is 
forwarded over the BSC 3 and the MSG 4 to the VLR 5. Initiated by the special module 6 
which releases a special treatment of the call wish, there occurs first of all a blocking (ODB: 
Operator Determined Barring) of the further connection build-up to the desired call number. 
Instead of this, the call is rerouted by means of an established Routing to a specially arranged 
credit card server 8 (CC-Server), which either is a part of the mobile radio network, therefore 
govemed by the network operator, or can be connected externally to the mobile radio 
network. 

[0036] The CC-Server 8 begins a dialog (speech dialog or text display) with the 
subscriber, in which the subscriber is requested to give his credit card number and its 
expiration date, for example over the keyboard of the end apparatus. These data are 
forwarded to the CC-Server. The CC-Server 8 checks the data given by the subscriber 
(validity, barring notations, etc.) of the credit card and in the "good" case gives release to the 
mediating station MSC 4 or the VLR 5, to switch through the call wish of the subscriber. 

[0037] There occurs a more regular call build-up to the call number desired by the 
subscriber, in which the fees that have fallen due for the connection are computed by the 
network operator with the aid of the subscriber credit card data. 

[0038] A special form of execution of the invention according to Fig. 3 preferably 
uses, as access medium to the GSM network, a chip-card in the form of a so-called Simple- 
SIM 9, which is registered m the GSM network of the Home Operator, to be sure, but which, 
with respect to a Standard-SIM 2 is constructed with clearly reduced functionality. Every 
Simple-SIM has a special IMSI which is chosen, for example, in such manner that it 
characterizes the Simple-SIM clearly as such. It would also be possible to use the same IMSI 
for all issued Simple-SIMs, since the IMSI is not needed for the identification of a certain 
subscriber, but exclusively for the identification of a Simple-SIM. 

[0039] Even a set-up to use a chip card-based card directly as access medium would 
be possible, provided that the end apparatus used supports this. 
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[0040] In the example according to Figs. 1 and 2 also the use of a Simple-SIM 9 or 
of a special credit card is conceivable. 

[0041] On network side there is arranged in addition to the regular HLR 7 a so-called 
Simple-HLR 10, which is appropriate exclusively for the registration of the simple SIMs. 
Like the regular HLR 7, the simple HLR 1 0 used for the registration of the simple SIMs also 
must have certain functionalities, especially at its interface point; but internally it can clearly 
be more simply implemented and, for example, have only one standard subscriber profile, no 
MSISDNa, simplified authentication mechanisms, etc. At least the simple HLR 10 must be 
capable of recognizing the IMSIs allocated to the simple SIMs as such. 

[0042] Analogously to the example of execution according to Figs. 1 and 2, the end 
apparatus or the simple SIM 9 reports to the mobile radio network, as first of all a Location 
Update Procedure is initiated. With the aid of the IMSI communicated firom the simple SIM 
9, the simple HLR 10 recognizes that a special handling of this connection wish (of the 
subscriber) is necessary. Since, however, the IMSI of the simple SIM is knovm to the simple 
HLR 1 0, a regular entering of the end apparatus 1 into the mobile radio network is permitted, 
with use of the corresponding authentication and cipher mechanisms. There it is possible to 
use simplified authenticating and coding parameters which can be carried out with constant, 
uniform Challenge/Response pairs or with variable Challenge/Response pairs which are 
generated in the simple HLR 10 by the cryptographic process. 

[0043] Despite a completed authentication of subscriber with the aid of his Simple 
SIM 9, the call further-switching by the simple HLR 10 is at first blocked, as an error report 
(ERROR) is given back to the VLR 5. 

[0044] The special module 6 in the VLR 5 provides that the error reports of the 
simple HLR 10 are correspondingly evaluated and converted. In the use of ODB reports the 
call wish analogously as in the form of execution example according to Figs. 1 and 2, is then 
rerouted onto a credit card server 8, where the identification of the subscriber per credit card 
occurs. The subscriber can then dial the target (destination) call number, and the call build 
up to the desired target call number can take place. With the use of an IN-trigger, the target 
call number can already be dialed in the dialing of the CC-server 8. 
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